All Products
Search
Document Center

NAT Gateway:Comparison between enhanced Internet NAT gateways and standard Internet NAT gateways

Last Updated:Aug 23, 2023

This topic describes the differences in features and limits between enhanced Internet NAT gateways and standard Internet NAT gateways.

Comparison of features

Feature

Enhanced Internet NAT gateway

Standard Internet NAT gateway

References

Deploying multiple Internet NAT gateways in the same virtual private cloud (VPC)

Supported

Not supported

Deploy multiple Internet NAT gateways in one VPC

Associating a vSwitch with an Internet NAT gateway

Supported

Not supported

N/A

Billed on an hourly basis

Supported

Not supported

Processing TCP, UDP, and ICMP fragments

Supported

Not supported

N/A

Monitoring metrics

22

4

Monitor and maintain Internet NAT gateways

Associating multiple elastic IP addresses (EIPs) with an Internet NAT gateway

Supported

Supported

Associate an EIP with an Internet NAT gateway

SNAT

Supported

Supported

Create and manage SNAT entries

Creating multiple SNAT entries in an SNAT table

Supported

Supported

Associating multiple EIPs with an SNAT table

Supported

Supported

DNAT

Supported

Supported

Create and manage DNAT entries

DNAT port mapping

Supported

Supported

DNAT IP mapping

Supported

Supported

Elastic Compute Service (ECS) instances using SNAT to access services that use DNAT to provide Internet-facing services when the same Internet NAT gateway is used for SNAT and DNAT

Not supported

Supported

N/A

Specifying an EIP in both SNAT and DNAT tables

Supported

Not supported

Comparison of limits

Item

Enhanced Internet NAT gateway

Standard Internet NAT gateway

The maximum number of Internet NAT gateways that can be created in a VPC

5 (

You can increase the quota by performing the following operations:

)

1. You cannot adjust the quota.

The maximum number of DNAT entries that can be added to an Internet NAT gateway

100. You can increase the quota. For more information, see Manage NAT Gateway quotas.

100. You can increase the quota. For more information, see Manage NAT Gateway quotas.

The maximum number of SNAT entries that can be added to an Internet NAT gateway

40. You can increase the quota. For more information, see Manage NAT Gateway quotas.

40. You can increase the quota. For more information, see Manage NAT Gateway quotas.

The maximum number of EIPs that you can specify in an SNAT entry

64. You cannot adjust the quota.

64. You cannot adjust the quota.

Creating an Internet NAT gateway for a VPC that contains a custom route whose destination CIDR block is 0.0.0.0/0

Supported.

Not supported. You must delete the custom route whose destination CIDR block is 0.0.0.0/0 before you can create an Internet NAT gateway for the VPC.

Whether the bandwidth of a vSwitch is limited by the maximum bandwidth of the EIPs in the SNAT entry that is created for the vSwitch

Yes. If the EIPs are associated with an Internet Shared Bandwidth, the bandwidth of the vSwitch is limited by the maximum bandwidth of the Internet Shared Bandwidth.

Yes. If the EIPs are associated with an Internet Shared Bandwidth, the bandwidth of the vSwitch is limited by the maximum bandwidth of the Internet Shared Bandwidth.

The maximum number of EIPs that can be associated with an Internet NAT gateway

20. You can increase the quota. For more information, see Manage NAT Gateway quotas.

20. You can increase the quota. For more information, see Manage NAT Gateway quotas.

The maximum bandwidth of an Internet NAT gateway

5 Gbit/s. If the total bandwidth of the EIPs or Internet Shared Bandwidth instances is greater than 5 Gbit/s, submit a ticket.

An Internet NAT gateway does not have a bandwidth limit itself. However, the bandwidth of an Internet NAT gateway is limited by the bandwidth of the EIPs that are specified in SNAT or DNAT entries. The bandwidth is also limited by the maximum bandwidth of the Internet Shared Bandwidth with which the EIPs are associated.

For example, you create an SNAT entry for an Internet NAT gateway, and specify five pay-by-data-transfer EIPs and two pay-by-bandwidth EIPs whose maximum bandwidth is 500 Mbit/s. The maximum bandwidth of the Internet NAT gateway is 2,000 Mbit/s. This value is calculated based on the following formula: 5 × 200 Mbit/s + 2 × 500 Mbit/s = 2,000 Mbit/s. If the seven EIPs are associated with the same Internet Shared Bandwidth and the maximum bandwidth of the Internet Shared Bandwidth is 1,000 Mbit/s, the maximum bandwidth of the Internet NAT gateway is 1,000 Mbit/s.

Whether the maximum number of concurrent connections for an EIP is 55,000

Yes

Yes

Whether the maximum bandwidth of an EIP in an Internet Shared Bandwidth is 200 Mbit/s

No

Yes

Whether users of NAT service plans can associate EIPs with NAT gateways

No

No

Whether service interruptions occur when you change the maximum bandwidth of an Internet Shared Bandwidth that is associated with an Internet NAT gateway, such as increasing the maximum bandwidth from less than 1 Gbit/s to greater than 1 Gbit/s, or decreasing the maximum bandwidth from greater than 1 Gbit/s to less than 1 Gbit/s

No

Yes

Whether service interruptions occur when the number of EIPs in existing SNAT entries is reduced

Yes

Yes

Whether service interruptions occur when the number of EIPs in existing SNAT entries is increased

No

Yes

Whether an ECS instance can be accessed from the Internet in the following scenario: Multiple elastic network interfaces (ENIs) are attached to the ECS instance, and EIPs are associated with some of the ENIs. Different ENIs are used to forward the inbound and outbound traffic of the ECS instance.

No. You must modify the routes of the ECS instance before you upgrade the standard Internet NAT gateway to an enhanced Internet NAT gateway. Make sure that the inbound traffic and outbound traffic of the ECS instance are forwarded by the same ENI. For more information, see Configure routes for a secondary ENI that is bound to an instance that runs an Alibaba Cloud Linux 2 or CentOS 7 operating system.

Yes

References